diff --git a/security/sssd2/Makefile b/security/sssd2/Makefile
index 736e79634b66..3a73e0260ec4 100644
--- a/security/sssd2/Makefile
+++ b/security/sssd2/Makefile
@@ -1,164 +1,163 @@
 PORTNAME=	sssd
-PORTVERSION=	2.9.5
-PORTREVISION=	4
+PORTVERSION=	2.9.6
 CATEGORIES=	security
 PKGNAMESUFFIX=	2
 
 MAINTAINER=	jhixson@FreeBSD.org
 COMMENT=	System Security Services Daemon
 WWW=		https://sssd.io/
 
 LICENSE=	GPLv3+
 LICENSE_FILE=	${WRKSRC}/COPYING
 
 CONFLICTS_INSTALL?=	sssd*
 
 BUILD_DEPENDS=	${PY_SETUPTOOLS} \
 		bash:shells/bash \
 		docbook-xsl>=1:textproc/docbook-xsl \
 		p11-kit:security/p11-kit \
 		nsupdate:dns/bind-tools \
 		xmlcatalog:textproc/libxml2 \
 		xmlcatmgr:textproc/xmlcatmgr \
 		xsltproc:textproc/libxslt
 
 LIB_DEPENDS=	libcares.so:dns/c-ares \
 		libcurl.so:ftp/curl \
 		libdbus-1.so:devel/dbus \
 		libdhash.so:devel/ding-libs \
 		libfido2.so:security/libfido2 \
 		libinotify.so:devel/libinotify \
 		libjansson.so:devel/jansson \
 		libjose.so:net/jose \
 		libldb.so:${SAMBA_LDB_PORT} \
 		libndr-krb5pac.so:${SAMBA_PORT} \
 		libndr-nbt.so:${SAMBA_PORT} \
 		libndr-standard.so:${SAMBA_PORT} \
 		libndr.so:${SAMBA_PORT} \
 		libp11-kit.so:security/p11-kit \
 		libpcre2-8.so:devel/pcre2 \
 		libpopt.so:devel/popt \
 		libsamba-util.so:${SAMBA_PORT} \
 		libsasl2.so:security/cyrus-sasl2 \
 		libsmbclient.so:${SAMBA_PORT} \
 		libtalloc.so:devel/talloc \
 		libtdb.so:databases/tdb \
 		libtevent.so:devel/tevent \
 		libunistring.so:devel/libunistring \
 		libuuid.so:misc/e2fsprogs-libuuid
 
 RUN_DEPENDS=	adcli:net-mgmt/adcli \
 		cyrus-sasl-gssapi>0:security/cyrus-sasl2-gssapi
 
 USES=	autoreconf cpe gettext gmake gssapi:flags,mit iconv ldap \
 	libtool localbase:ldflags pathfix pkgconfig python:3.9+ samba:env \
 	shebangfix ssl
 
 USE_LDCONFIG=	yes
 GNU_CONFIGURE=	yes
 
 INSTALL_TARGET=	install-strip
 CPE_VENDOR=	fedoraproject
 
 CONFIGURE_ARGS=	--disable-dependency-tracking \
 		--datadir=${DATADIR} \
 		--localstatedir=/var \
 		--disable-nls \
 		--disable-cifs-idmap-plugin \
 		--disable-valgrind \
 		--disable-systemtap \
 		--enable-pammoddir=${PREFIX}/lib \
 		--enable-ldb-version-check \
 		--enable-pac-responder \
 		--with-db-path=/var/db/sss/db \
 		--with-os=freebsd \
 		--with-plugin-path=${LOCALBASE}/lib/sssd \
 		--with-pubconf-path=/var/db/sss/pubconf  \
 		--with-pid-path=/var/run \
 		--with-pipe-path=/var/run/sss/pipes \
 		--with-mcache-path=/var/db/sss/mc \
 		--with-environment-file=${LOCALBASE}/etc/sssd \
 		--with-init-dir=no \
 		--with-manpages \
 		--with-xml-catalog-path=${LOCALBASE}/share/xml/catalog \
 		--with-krb5-plugin-path=${LOCALBASE}/lib/krb5/plugins/libkrb5 \
 		--with-krb5authdata-plugin-path=${LOCALBASE}/lib/krb5/plugins/authdata \
 		--with-krb5-conf=/etc/krb5.conf \
 		--without-python2-bindings \
 		--with-winbind-plugin-path=${LOCALBASE}/lib/samba4/modules/idmap \
 		--without-selinux \
 		--with-gpo-cache-path=/var/db/sss/gpo_cache  \
 		--without-semanage \
 		--with-app-libs=${LOCALBASE}/lib/sssd/modules \
 		--without-autofs \
 		--with-files-provider \
 		--with-passkey \
 		--with-samba \
 		--without-nfsv4-idmapd-plugin \
 		--with-secrets-db-path=/var/lib/sss/secrets \
 		--with-kcm \
 		--with-oidc-child \
 		--with-ldb-lib-dir=${LOCALBASE}/lib/shared-modules/ldb \
 		--with-smb-idmap-interface-version=6 \
 		--without-libnl \
 		--with-nscd-conf=/etc/nscd.conf \
 		--with-python_prefix=${PREFIX}
 CONFIGURE_ENV=	KRB5_CONFIG="${KRB5CONFIG}"
 
 CPPFLAGS+=	-DRENEWAL_PROG_PATH='\"${LOCALBASE}/sbin/adcli\"'
 CFLAGS+=	-fstack-protector-all
 LIBS+=		-linotify -lintl
 
 PLIST_SUB=	PYTHON_VER=${PYTHON_VER}
 MAKE_ENV=	MAKELEVEL=0 LINGUAS="bg de eu es fr hu id it ja nb nl pl pt ru sv tg tr uk zh_CN zh_TW"
 SUB_FILES=	pkg-message
 
 BINARY_ALIAS=	python3=python${PYTHON_VER}
 SHEBANG_FILES=	sbus_generate.sh.in \
 		src/tools/analyzer/sss_analyze \
 		src/tools/sss_obfuscate \
 		src/config/SSSDConfigTest.py \
 		src/tests/*.py \
 		src/tests/cwrap/cwrap_test_setup.sh \
 		src/tests/whitespace_test \
 		src/tests/multihost/data/memcachesize.py \
 		src/tests/double_semicolon_test \
 		scripts/release.sh \
 		contrib/git/pre-push \
 		contrib/ci/rpm-spec-builddeps \
 		contrib/ci/clean \
 		contrib/ci/valgrind-condense \
 		contrib/ci/run-multihost \
 		contrib/ci/run \
 		contrib/ci/get-matrix.py \
 		contrib/vagrant/bootstrap.sh \
 		contrib/fedora/make_srpm.sh
 
 USE_RC_SUBR=	${PORTNAME}
 
 USE_GITHUB=yes
 GH_ACCOUNT=sssd
 
 post-patch:
 	@${REINPLACE_CMD} -e 's|/usr/bin/|${PREFIX}/bin/|g' \
 		-e 's|/var/lib/sss/pubconf/|/var/db/sss/pubconf/|g' \
 		${WRKSRC}/src/man/sss_ssh_knownhostsproxy.1.xml \
 		${WRKSRC}/src/man/po/*.po || true
 	@${REINPLACE_CMD} -e 's|/etc/sssd/|${ETCDIR}/|g' \
 		-e 's|/etc/openldap/|${LOCALBASE}/etc/openldap/|g' \
 		${WRKSRC}/src/man/*xml || true
 	@${CP} ${FILESDIR}/sss_bsd_errno.h ${WRKSRC}/src/util/sss_bsd_errno.h
 	@${CP} ${FILESDIR}/bsdnss.c ${WRKSRC}/src/sss_client/bsdnss.c
 
 post-install:
 	${INSTALL_DATA} ${WRKSRC}/src/examples/sssd-example.conf \
 		${STAGEDIR}${ETCDIR}/sssd.conf.sample
 	${MKDIR} ${STAGEDIR}${PREFIX}/share/dbus-1/system.d
 	${INSTALL_DATA} ${WRKSRC}/src/responder/ifp/org.freedesktop.sssd.infopipe.conf \
 		${STAGEDIR}${PREFIX}/share/dbus-1/system.d/org.freedesktop.sssd.infopipe.conf
 	${MKDIR} ${STAGEDIR}${PREFIX}/share/dbus-1/system-services
 	${INSTALL_DATA} ${WRKSRC}/src/responder/ifp/org.freedesktop.sssd.infopipe.service \
 		${STAGEDIR}${PREFIX}/share/dbus-1/system-services/org.freedesktop.sssd.infopipe.service
 	${LN} -sf libnss_sss.so.2 ${STAGEDIR}${PREFIX}/lib/nss_sss.so.1
 
 .include <bsd.port.mk>
diff --git a/security/sssd2/distinfo b/security/sssd2/distinfo
index 2d4cce561829..d2efe5d67d1d 100644
--- a/security/sssd2/distinfo
+++ b/security/sssd2/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1719240176
-SHA256 (sssd-sssd-2.9.5_GH0.tar.gz) = e63a66da95e62a97466f9e04ec6dd9b0c50d82452e6fb031b333c5125172ffbd
-SIZE (sssd-sssd-2.9.5_GH0.tar.gz) = 6764418
+TIMESTAMP = 1733536931
+SHA256 (sssd-sssd-2.9.6_GH0.tar.gz) = 8fc927fe9d627fdbe84b701c94a6b7e739127f48289bd466e18260a567f62244
+SIZE (sssd-sssd-2.9.6_GH0.tar.gz) = 6801499
diff --git a/security/sssd2/files/patch-src__external__platform.m4 b/security/sssd2/files/patch-src__external__platform.m4
index 30caaaaf51ae..2267fcf28b6e 100644
--- a/security/sssd2/files/patch-src__external__platform.m4
+++ b/security/sssd2/files/patch-src__external__platform.m4
@@ -1,51 +1,57 @@
---- src/external/platform.m4.orig	2023-05-05 08:11:07 UTC
-+++ src/external/platform.m4
-@@ -1,9 +1,10 @@ AC_ARG_WITH([os],
+--- src/external/platform.m4.orig	2024-12-07 08:35:28.095610000 -0800
++++ src/external/platform.m4	2024-12-07 08:39:28.615868000 -0800
+@@ -1,9 +1,10 @@
  AC_ARG_WITH([os],
 -            [AC_HELP_STRING([--with-os=OS_TYPE], [Type of your operation system (fedora|redhat|suse|gentoo)])]
-+            [AC_HELP_STRING([--with-os=OS_TYPE], [Type of your operation system (fedora|redhat|suse|gentoo|freebsd)])]
++            [AC_HELP_STRING([--with-os=OS_TYPE], [Type of your operation system (fedora|freebsd|redhat|suse|gentoo)])]
             )
  osname=""
  if test x"$with_os" != x ; then
      if test x"$with_os" = xfedora || \
 +       test x"$with_os" = xfreebsd || \
         test x"$with_os" = xredhat || \
         test x"$with_os" = xsuse || \
         test x"$with_os" = xgentoo || \
-@@ -25,6 +26,8 @@ if test x"$osname" = x ; then
-         osname="debian"
-     elif test -f /etc/gentoo-release ; then
-         osname="gentoo"
-+    elif test -f /etc/os-release ; then
-+        osname="freebsd"
+@@ -29,6 +30,8 @@
+         . /etc/os-release
+         if ([[ "${ID}" = "suse" ]]) || ([[ "${ID_LIKE#*suse*}" != "${ID_LIKE}" ]]); then
+             osname="suse"
++        elif ([[ "${ID}" = "freebsd" ]]) || ([[ "${ID_LIKE#*freebsd*}" != "${ID_LIKE}" ]]); then
++            osname="freebsd"
+         fi
      fi
  
-     AC_MSG_NOTICE([Detected operating system type: $osname])
-@@ -35,6 +38,7 @@ AM_CONDITIONAL([HAVE_GENTOO], [test x"$osname" = xgent
+@@ -36,6 +39,7 @@
+ fi
+ 
+ AM_CONDITIONAL([HAVE_FEDORA], [test x"$osname" = xfedora])
++AM_CONDITIONAL([HAVE_FREEBSD], [test x"$osname" = xfreebsd])
+ AM_CONDITIONAL([HAVE_REDHAT], [test x"$osname" = xredhat])
  AM_CONDITIONAL([HAVE_SUSE], [test x"$osname" = xsuse])
  AM_CONDITIONAL([HAVE_DEBIAN], [test x"$osname" = xdebian])
- AM_CONDITIONAL([HAVE_GENTOO], [test x"$osname" = xgentoo])
-+AM_CONDITIONAL([HAVE_FREEBSD], [test x"$osname" = xfreebsd])
- 
+@@ -44,14 +48,23 @@
  AS_CASE([$osname],
          [redhat], [AC_DEFINE_UNQUOTED([HAVE_REDHAT], 1, [Build with redhat config])],
-@@ -42,10 +46,18 @@ AS_CASE([$osname],
+         [fedora], [AC_DEFINE_UNQUOTED([HAVE_FEDORA], 1, [Build with fedora config])],
++        [freebsd], [AC_DEFINE_UNQUOTED([HAVE_FREEBSD], 1, [Build with freebsd config])],
          [suse], [AC_DEFINE_UNQUOTED([HAVE_SUSE], 1, [Build with suse config])],
          [gentoo], [AC_DEFINE_UNQUOTED([HAVE_GENTOO], 1, [Build with gentoo config])],
          [debian], [AC_DEFINE_UNQUOTED([HAVE_DEBIAN], 1, [Build with debian config])],
-+        [freebsd], [AC_DEFINE_UNQUOTED([HAVE_FREEBSD], 1, [Build with freebsd config])],
          [AC_MSG_NOTICE([Build with $osname config])])
  
 -AC_CHECK_MEMBERS([struct ucred.pid, struct ucred.uid, struct ucred.gid], , ,
+-                 [[#include <sys/socket.h>]])
 +if test x"$osname" = x"freebsd"; then
-+	AC_CHECK_MEMBERS([struct xucred.cr_pid, struct xucred.cr_uid, struct xucred.cr_gid], , , [[
++       AC_CHECK_MEMBERS([struct xucred.cr_pid, struct xucred.cr_uid, struct xucred.cr_gid], , , [[
 +#include <sys/param.h>
 +#include <sys/ucred.h>
 +]])
 +else
-+	AC_CHECK_MEMBERS([struct ucred.pid, struct ucred.uid, struct ucred.gid], , ,
-                  [[#include <sys/socket.h>]])
++       AC_CHECK_MEMBERS([struct ucred.pid, struct ucred.uid, struct ucred.gid], , ,
++                  [[#include <sys/socket.h>]])
 +fi
  
++
  if test x"$ac_cv_member_struct_ucred_pid" = xyes -a \
          x"$ac_cv_member_struct_ucred_uid" = xyes -a \
+         x"$ac_cv_member_struct_ucred_gid" = xyes ; then
diff --git a/security/sssd2/pkg-plist b/security/sssd2/pkg-plist
index 0c68fe94adc4..a4ddee106ba8 100644
--- a/security/sssd2/pkg-plist
+++ b/security/sssd2/pkg-plist
@@ -1,166 +1,166 @@
 bin/sss_ssh_authorizedkeys
 bin/sss_ssh_knownhostsproxy
 etc/pam.d/sssd-shadowutils
 %%ETCDIR%%/sssd.conf.sample
 include/ipa_hbac.h
 include/sss_certmap.h
 include/sss_idmap.h
 include/sss_nss_idmap.h
 lib/krb5/plugins/authdata/sssd_pac_plugin.so
 lib/krb5/plugins/libkrb5/sssd_krb5_locator_plugin.so
 lib/libipa_hbac.so
 lib/libipa_hbac.so.0
 lib/libipa_hbac.so.0.1.0
 lib/libnss_sss.so.2
 lib/libsss_certmap.so
 lib/libsss_certmap.so.0
 lib/libsss_certmap.so.0.2.0
 lib/libsss_idmap.so
 lib/libsss_idmap.so.0
 lib/libsss_idmap.so.0.5.1
 lib/libsss_nss_idmap.so
 lib/libsss_nss_idmap.so.0
 lib/libsss_nss_idmap.so.0.6.0
 lib/libsss_sudo.so
 lib/nss_sss.so.1
 lib/pam_sss.so
 lib/pam_sss_gss.so
-%%PYTHON_SITELIBDIR%%/SSSDConfig-2.9.5-py%%PYTHON_VER%%.egg-info/PKG-INFO
-%%PYTHON_SITELIBDIR%%/SSSDConfig-2.9.5-py%%PYTHON_VER%%.egg-info/SOURCES.txt
-%%PYTHON_SITELIBDIR%%/SSSDConfig-2.9.5-py%%PYTHON_VER%%.egg-info/dependency_links.txt
-%%PYTHON_SITELIBDIR%%/SSSDConfig-2.9.5-py%%PYTHON_VER%%.egg-info/top_level.txt
+%%PYTHON_SITELIBDIR%%/SSSDConfig-2.9.6-py%%PYTHON_VER%%.egg-info/PKG-INFO
+%%PYTHON_SITELIBDIR%%/SSSDConfig-2.9.6-py%%PYTHON_VER%%.egg-info/SOURCES.txt
+%%PYTHON_SITELIBDIR%%/SSSDConfig-2.9.6-py%%PYTHON_VER%%.egg-info/dependency_links.txt
+%%PYTHON_SITELIBDIR%%/SSSDConfig-2.9.6-py%%PYTHON_VER%%.egg-info/top_level.txt
 %%PYTHON_SITELIBDIR%%/SSSDConfig/__init__.py
 %%PYTHON_SITELIBDIR%%/SSSDConfig/__pycache__/__init__%%PYTHON_EXT_SUFFIX%%.pyc
 %%PYTHON_SITELIBDIR%%/SSSDConfig/__pycache__/ipachangeconf%%PYTHON_EXT_SUFFIX%%.pyc
 %%PYTHON_SITELIBDIR%%/SSSDConfig/__pycache__/sssdoptions%%PYTHON_EXT_SUFFIX%%.pyc
 %%PYTHON_SITELIBDIR%%/SSSDConfig/ipachangeconf.py
 %%PYTHON_SITELIBDIR%%/SSSDConfig/sssdoptions.py
 %%PYTHON_SITELIBDIR%%/pyhbac.so
 %%PYTHON_SITELIBDIR%%/pysss.so
 %%PYTHON_SITELIBDIR%%/pysss_murmur.so
 %%PYTHON_SITELIBDIR%%/pysss_nss_idmap.so
 %%PYTHON_SITELIBDIR%%/sssd/__init__.py
 %%PYTHON_SITELIBDIR%%/sssd/modules/__init__.py
 %%PYTHON_SITELIBDIR%%/sssd/modules/request.py
 %%PYTHON_SITELIBDIR%%/sssd/parser.py
 %%PYTHON_SITELIBDIR%%/sssd/source_files.py
 %%PYTHON_SITELIBDIR%%/sssd/source_journald.py
 %%PYTHON_SITELIBDIR%%/sssd/source_reader.py
 %%PYTHON_SITELIBDIR%%/sssd/sss_analyze.py
 lib/samba4/modules/idmap/sss.so
 lib/shared-modules/ldb/memberof.so
 lib/sssd/conf/sssd.conf
 lib/sssd/libifp_iface.so
 lib/sssd/libifp_iface_sync.so
 lib/sssd/libsss_ad.so
 lib/sssd/libsss_cert.so
 lib/sssd/libsss_child.so
 lib/sssd/libsss_crypt.so
 lib/sssd/libsss_debug.so
 lib/sssd/libsss_files.so
 lib/sssd/libsss_iface.so
 lib/sssd/libsss_iface_sync.so
 lib/sssd/libsss_ipa.so
 lib/sssd/libsss_krb5.so
 lib/sssd/libsss_krb5_common.so
 lib/sssd/libsss_ldap.so
 lib/sssd/libsss_ldap_common.so
 lib/sssd/libsss_proxy.so
 lib/sssd/libsss_sbus.so
 lib/sssd/libsss_sbus_sync.so
 lib/sssd/libsss_semanage.so
 lib/sssd/libsss_simple.so
 lib/sssd/libsss_util.so
 lib/sssd/modules/sssd_krb5_idp_plugin.so
 lib/sssd/modules/sssd_krb5_localauth_plugin.so
 lib/sssd/modules/sssd_krb5_passkey_plugin.so
 libdata/pkgconfig/ipa_hbac.pc
 libdata/pkgconfig/sss_certmap.pc
 libdata/pkgconfig/sss_idmap.pc
 libdata/pkgconfig/sss_nss_idmap.pc
 libexec/sssd/gpo_child
 libexec/sssd/krb5_child
 libexec/sssd/ldap_child
 libexec/sssd/oidc_child
 libexec/sssd/p11_child
 libexec/sssd/passkey_child
 libexec/sssd/proxy_child
 libexec/sssd/sss_analyze
 libexec/sssd/sss_signal
 libexec/sssd/sssd_be
 libexec/sssd/sssd_ifp
 libexec/sssd/sssd_kcm
 libexec/sssd/sssd_nss
 libexec/sssd/sssd_pac
 libexec/sssd/sssd_pam
 libexec/sssd/sssd_ssh
 libexec/sssd/sssd_sudo
 sbin/sss_cache
 sbin/sss_debuglevel
 sbin/sss_obfuscate
 sbin/sss_override
 sbin/sss_seed
 sbin/sssctl
 sbin/sssd
 share/dbus-1/system-services/org.freedesktop.sssd.infopipe.service
 share/dbus-1/system.d/org.freedesktop.sssd.infopipe.conf
 share/man/man1/sss_ssh_authorizedkeys.1.gz
 share/man/man1/sss_ssh_knownhostsproxy.1.gz
 share/man/man5/sss-certmap.5.gz
 share/man/man5/sssd-ad.5.gz
 share/man/man5/sssd-files.5.gz
 share/man/man5/sssd-ifp.5.gz
 share/man/man5/sssd-ipa.5.gz
 share/man/man5/sssd-krb5.5.gz
 share/man/man5/sssd-ldap-attributes.5.gz
 share/man/man5/sssd-ldap.5.gz
 share/man/man5/sssd-session-recording.5.gz
 share/man/man5/sssd-simple.5.gz
 share/man/man5/sssd-sudo.5.gz
 share/man/man5/sssd.conf.5.gz
 share/man/man8/idmap_sss.8.gz
 share/man/man8/pam_sss.8.gz
 share/man/man8/pam_sss_gss.8.gz
 share/man/man8/sss_cache.8.gz
 share/man/man8/sss_debuglevel.8.gz
 share/man/man8/sss_obfuscate.8.gz
 share/man/man8/sss_override.8.gz
 share/man/man8/sss_seed.8.gz
 share/man/man8/sssctl.8.gz
 share/man/man8/sssd-kcm.8.gz
 share/man/man8/sssd.8.gz
 share/man/man8/sssd_krb5_localauth_plugin.8.gz
 share/man/man8/sssd_krb5_locator_plugin.8.gz
 %%DATADIR%%/dbus-1/system-services/org.freedesktop.sssd.infopipe.service
 %%DATADIR%%/dbus-1/system.d/org.freedesktop.sssd.infopipe.conf
 %%DATADIR%%/sssd-kcm/kcm_default_ccache
 %%DATADIR%%/sssd/cfg_rules.ini
 %%DATADIR%%/sssd/krb5-snippets/enable_sssd_conf_dir
 %%DATADIR%%/sssd/krb5-snippets/sssd_enable_idp
 %%DATADIR%%/sssd/krb5-snippets/sssd_enable_passkey
 %%DATADIR%%/sssd/sssd.api.conf
 %%DATADIR%%/sssd/sssd.api.d/sssd-ad.conf
 %%DATADIR%%/sssd/sssd.api.d/sssd-files.conf
 %%DATADIR%%/sssd/sssd.api.d/sssd-ipa.conf
 %%DATADIR%%/sssd/sssd.api.d/sssd-krb5.conf
 %%DATADIR%%/sssd/sssd.api.d/sssd-ldap.conf
 %%DATADIR%%/sssd/sssd.api.d/sssd-proxy.conf
 %%DATADIR%%/sssd/sssd.api.d/sssd-simple.conf
 @dir %%ETCDIR%%/conf.d
 @dir %%ETCDIR%%/pki
 @dir lib/ldb
 @dir /var/db/sss/db
 @dir /var/db/sss/deskprofile
 @dir /var/db/sss/gpo_cache
 @dir /var/db/sss/keytabs
 @dir /var/db/sss/mc
 @dir /var/db/sss/pubconf/krb5.include.d
 @dir /var/db/sss/pubconf
 @dir /var/db/sss
 @dir /var/lib/sss/secrets
 @dir /var/lib/sss
 @dir /var/lib
 @dir /var/log/sssd
 @dir /var/run/sss/pipes/private
 @dir /var/run/sss/pipes
 @dir /var/run/sss